2 * Copyright (C) 1996-2018 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
10 #include "acl/FilledChecklist.h"
11 #include "client_side.h"
12 #include "comm/Connection.h"
13 #include "comm/forward.h"
14 #include "ExternalACLEntry.h"
15 #include "http/Stream.h"
16 #include "HttpReply.h"
17 #include "HttpRequest.h"
18 #include "SquidConfig.h"
20 #include "auth/AclProxyAuth.h"
21 #include "auth/UserRequest.h"
24 CBDATA_CLASS_INIT(ACLFilledChecklist
);
26 ACLFilledChecklist::ACLFilledChecklist() :
31 auth_user_request (NULL
),
39 requestErrorType(ERR_MAX
),
42 destinationDomainChecked_(false),
43 sourceDomainChecked_(false)
51 ACLFilledChecklist::~ACLFilledChecklist()
53 assert (!asyncInProgress());
55 safe_free(dst_rdns
); // created by xstrdup().
57 HTTPMSGUNLOCK(request
);
61 cbdataReferenceDone(conn_
);
64 cbdataReferenceDone(sslErrors
);
67 debugs(28, 4, HERE
<< "ACLFilledChecklist destroyed " << this);
71 showDebugWarning(const char *msg
)
73 static uint16_t count
= 0;
78 debugs(28, DBG_IMPORTANT
, "ALE missing " << msg
);
82 ACLFilledChecklist::syncAle() const
84 // make sure the ALE fields used by Format::assemble to
85 // fill the old external_acl_type codes are set if any
86 // data on them exists in the Checklist
88 if (!al
->cache
.port
&& conn()) {
89 showDebugWarning("listening port");
90 al
->cache
.port
= conn()->port
;
95 showDebugWarning("HttpRequest object");
96 al
->request
= request
;
97 HTTPMSGLOCK(al
->request
);
100 if (!al
->adapted_request
) {
101 showDebugWarning("adapted HttpRequest object");
102 al
->adapted_request
= request
;
103 HTTPMSGLOCK(al
->adapted_request
);
106 if (al
->url
.isEmpty()) {
107 showDebugWarning("URL");
108 al
->url
= request
->url
.absolute();
112 if (reply
&& !al
->reply
) {
113 showDebugWarning("HttpReply object");
115 HTTPMSGLOCK(al
->reply
);
119 if (*rfc931
&& !al
->cache
.rfc931
) {
120 showDebugWarning("IDENT");
121 al
->cache
.rfc931
= xstrdup(rfc931
);
127 ACLFilledChecklist::conn() const
129 return cbdataReferenceValid(conn_
) ? conn_
: nullptr;
133 ACLFilledChecklist::conn(ConnStateData
*aConn
)
137 assert (conn() == NULL
);
138 conn_
= cbdataReference(aConn
);
142 ACLFilledChecklist::fd() const
144 const auto c
= conn();
145 return (c
&& c
->clientConnection
) ? c
->clientConnection
->fd
: fd_
;
149 ACLFilledChecklist::fd(int aDescriptor
)
151 const auto c
= conn();
152 assert(!c
|| !c
->clientConnection
|| c
->clientConnection
->fd
== aDescriptor
);
157 ACLFilledChecklist::destinationDomainChecked() const
159 return destinationDomainChecked_
;
163 ACLFilledChecklist::markDestinationDomainChecked()
165 assert (!finished() && !destinationDomainChecked());
166 destinationDomainChecked_
= true;
170 ACLFilledChecklist::sourceDomainChecked() const
172 return sourceDomainChecked_
;
176 ACLFilledChecklist::markSourceDomainChecked()
178 assert (!finished() && !sourceDomainChecked());
179 sourceDomainChecked_
= true;
183 * There are two common ACLFilledChecklist lifecycles paths:
185 * A) Using aclCheckFast(): The caller creates an ACLFilledChecklist object
186 * on stack and calls aclCheckFast().
188 * B) Using aclNBCheck() and callbacks: The caller allocates an
189 * ACLFilledChecklist object (via operator new) and passes it to
190 * aclNBCheck(). Control eventually passes to ACLChecklist::checkCallback(),
191 * which will invoke the callback function as requested by the
192 * original caller of aclNBCheck(). This callback function must
193 * *not* delete the list. After the callback function returns,
194 * checkCallback() will delete the list (i.e., self).
196 ACLFilledChecklist::ACLFilledChecklist(const acl_access
*A
, HttpRequest
*http_request
, const char *ident
):
201 auth_user_request(NULL
),
204 snmp_community(NULL
),
209 requestErrorType(ERR_MAX
),
212 destinationDomainChecked_(false),
213 sourceDomainChecked_(false)
222 if (http_request
!= NULL
) {
223 request
= http_request
;
224 HTTPMSGLOCK(request
);
225 #if FOLLOW_X_FORWARDED_FOR
226 if (Config
.onoff
.acl_uses_indirect_client
)
227 src_addr
= request
->indirect_client_addr
;
229 #endif /* FOLLOW_X_FORWARDED_FOR */
230 src_addr
= request
->client_addr
;
231 my_addr
= request
->my_addr
;
233 if (request
->clientConnectionManager
.valid())
234 conn(request
->clientConnectionManager
.get());
239 xstrncpy(rfc931
, ident
, USER_IDENT_SZ
);